Cyber Security Threat Report - April Digest
Welcome back to the Riela Cyber Threat Report, the April Digest. This period has seen record-breaking figures, with it being reported that March 2023 was the most prolific month for ransomware attack records in recent years, there is no indication of attacks slowing down.??
?
News?
ChatGPT Banned in Italy?
ChatGPT, the Microsoft-backed chatbot, has officially been banned by Italian authorities. The authorities acted after Europol sent out a warning that ChatGPT could be used by criminals to spread disinformation online. Concerns were raised about ChatGPT's collection and storage of personal data without a legal basis to do so, specifically for the purpose of training its algorithm. This follows ChatGPT’s data leak last month that caused approximately 1.2% of ChatGPT Pus Subscriber’s personal data and chat queries to be leaked (including their names, payment details, addresses, credit card details and more).?
This is the first time that authorities have taken action against ChatGPT and we predict that it will not be the last.?
?
Capita Data Breach?
The outsourcing giant Capita, who run crucial services for the government including the NHS and military, admitted that customer, staff, and supplier data may have been accessed as a result of their cyber attack last month. The attack caused major IT outages, primarily affecting the Office 365 suite of products, including Teams, Word and Excel. Capita are yet to reveal how many customers may have been affected.?
?
Russia Poses Threat to UK Infrastructure?
The UK is being warned by the National Cyber Security Centre (NCSC) that it is not doing enough to protect its national infrastructure from cyber threats.?
Lindy Cameron, CEO of the NCSC, told her audience at CyberUK’s conference in Belfast:?
“If the UK is to be the safest place to live and work online, then resilience must urgently move to the top of our investment shopping list."?
A group of hackers that support Russia’s invasion on Ukraine have stated a desire to create a destructive and disruptive impact against the UK’s infrastructure. Organisations which are behind the UK’s essential infrastructure (energy, water, etc.), are urged to act immediately to protect against the emerging threat.?
?
Suspicious Email Reporting Service (SERS) – Isle of Man?
The Isle of Man’s Office of Cyber Security and Information Assurance (OCSIA) have released their latest Suspicious Email Reporting Service (SERS) report for the month of March. This highlighted that of all reported emails, 77% and 6% contained malicious links and attachments respectively. A further warning is issued to all Isle of Man residents to take precaution regarding the ‘manx.net’ domain name, with it being the most reported phishing scam.?
?
Alerts?
PaperCut Flaw?
The widely used print management software PaperCut MF/NG is being exploited through two security flaws (CVE-2023-27350 and CVE-2023-27351) to install remote management software and take over servers. These attacks carry a 9.8/10 severity score as they do not require user interaction and so are easy to execute.??
Google Chrome
Google Chrome has issued its first zero-day warning of 2023 to 3 billion users. The exploited vulnerability, CVE-2023-2033, affects Chrome on Windows,?Linux and Mac. There is now a patch, however you must update chrome to get it. Check out our video here to see how.
WordPress
A number of vulnerabilities have been identified putting millions of WordPress sites at risk. With 67 plugin vulnerabilities and 2 themes with security patches available, it is more important than ever to ensure frequent patching is taking place.
Apple In Danger
With Apple Macs growing in business popularity, the notorious ransomware group ‘Lockbit’ are rumored to have began a ransomware campaign targeting Apple MacOS devices.
?
Highlights?
CYBERISLE 2023 Announced – 4th October?
We are pleased to announce that for the third consecutive year, Riela Cyber will be headline sponsors of the Isle of Man’s annual cyber security conference, CYBERISLE. Taking place on the 4th of October at the the Comis Hotel, the conference aims to increase public awareness of cybercrime, foster resilience, and highlight its effects on users at home, at work, and in the community.?
Christian Goelz, Director at Riela said:?
“We are delighted that Riela Cyber is once again sponsoring CYBERISLE 2023 for the third consecutive year. The annual event serves as an important reminder of the ever-evolving digital threats and offers essential education about what each company can do to mitigate the risks. We are proud to support this event to build a more resilient Manx community together.”?
?
Graduate Fair – Thank You!?
Our teams at Riela Cyber and Riela Tech were pleased to attend the Isle of Man Graduate Fair on the 12th of April, raising awareness of the many exciting opportunities for young people starting their careers in the tech field. Thank you to all those who attended the Grad Fair and visited our stand, it was great to speak to and answer questions from the next generation of security professionals.?
?
Thank you for taking the time to read our April Cyber Threat Report. We look forward to sharing more with you next month. In the meantime, keep up to date with the latest news from Riela Cyber by checking out our Cyber Blog.?